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WHAT IS CLAIMED IS : 

L A secure network configured to carry data, comprising: 

a plurality of anti-bubbles, each anti-bubble having a plurality of 
anti-bubble partitions, each anti-bubble partition having at least one network 
device configured to transmit and receive data, and all of the network devices 
corresponding to at least one of the plurality of anti-bubbles have the same 
network security policy; and 

a plurality of network control points, each network control point 
including one or more network control point devices having at least one 
interface, wherein each of the plurality of anti-bubble partitions is connected to 
at least one network control point to form an anti-bubble boundary, the network 
control point is used to provide a connection between any two network devices, 
and wherein at least one of the network control point devices is configured to 
enforce the network security policy of the anti-bubble that is connected to the 
network control point device. 

2. A secure network as defined in claim 1, further comprising a plurality of 
inter-bubble devices, each inter-bubble device is configured to connect at least 
two of the plurality of anti-bubbles to one another and to enforce the network 
security policy of each of the plurality of anti-bubbles that the inter-bubble 
device is connected to. 

3. A secure network as defined in claim 1, wherein each of the plurality of 
anti-bubble partitions that belong to the same anti-bubble has the same network 
security policy applied at each of the plurality of network control points that 
are connected to the plurality of anti-bubble partitions. 

4. A secure network as defined in claim 1, wherein each of the plurality of 
anti-bubble partitions has no network connectivity to all other anti-bubble 
partitions within the same anti-bubble. 
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5. A secure network as defined in claim 1, wherein each of the plurality of 
anti-bubble partitions is defined by an address range. 

6. A secure network as defined in claim 5, wherein each of the network 
devices in each of the plurality of anti-bubble partitions has an address 
contained within the address range. 

7. A secure network as defined in claim 6, wherein each address exists in 
only one of the plurality of anti-bubble partitions. 

8. A secure network as defined in claim 1, wherein each of the plurality of 
network control points ensures source address integrity at each anti-bubble 
boundary. 

9. A secure network as defined in claim 1, wherein each of the plurality of 
anti-bubble partitions is connected to at least two network control point devices 
to achieve high availability in the case of a failed interface or network control 
point device. 

10. A secure network as defined in claim 1, wherein data may not be 
transmitted between two network devices in different anti-bubble partitions of 
the same anti-bubble. 

11. A secure network as defined in claim 1, wherein the plurality of network 
control points are coupled to one another and form a virtual backbone that is 
external to all of the plurality of anti-bubbles. 

12. A secure network as defined in claim 1 1, wherein each of the plurality 
of network control points ensure source address integrity across the virtual 
backbone. 

13. A secure network as defined in claim 1, wherein each network device 
connects to only one network control point. 
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14. A secure network as defined in claim 1, wherein the total number of 
network control points is greater than the number of network control points 
connected to any one particular anti-bubble partition. 

15. A secure network as defined in claim 1, wherein all data transmitted 
from one network device to another network device traverses only one network 
control point. 

16. A secure network as defined in claim 1, wherein all data transmitted 
from one network device to another network device traverses only two network 
control points. 

17. A secure network configured to transmit data, comprising: 

a first and a second anti-bubble, each anti-bubble having a 
distinct network security policy and a plurality of anti-bubble partitions, each 
anti-bubble partition having a plurality of network devices configured to 
transmit and receive data; and 

a plurality of network control points, each network control point 
having one or more network control point devices, each network control point 
device having at least one interface, wherein each anti-bubble partition is 
connected to at least one and no more than two network control points to 
provide a connection between a network device in the first anti-bubble and a 
network device in the second anti-bubble, and wherein each one of the network 
control point devices is configured to enforce the network security policy of at 
least one of the anti-bubbles. 

18. A secure network as defined in claim 17, wherein no data can be 
transmitted from any network device in the first anti-bubble to any network 
device in the second anti-bubble. 

19. A secure network as defined in claim 17, further comprising a bubble 
having a distinct network security policy and a plurality of bubble partitions, 
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each bubble partition having a plurality of network devices configured to 
transmit and receive data. 

20. A secure network as defined in claim 19, wherein data transmitted from 
a network device in the first anti-bubble to a network device in the bubble 
traverses one or more network control points. 

21. A secure network as defined in claim 17, wherein the network control 
point enforces source integrity for all anti-bubble partitions that are connected 
to it. 

22. A secure network as defined in claim 17, wherein each anti-bubble 
partition connects to only one network control point. 

23. A secure network as defined in claim 17, further comprising an inter- 
bubble device configured to connect the first anti-bubble to the second anti- 
bubble and to enforce the network security policy of the first and second anti- 
bubbles. 

24. A secure network as defined in claim 17, wherein each of the plurality 
of anti-bubble partitions that belong to the same anti-bubble has the same 
network security policy applied at each of the plurality of network control 
points that are connected to the plurality of anti-bubble partitions. 

25. A secure network as defined in claim 17, wherein each of the plurality 
of anti-bubble partitions has no network connectivity to any other anti-bubble 
partitions within the same anti-bubble. 

26. A secure network as defined in claim 17, wherein each of the plurality 
of anti-bubble partitions is connected to at least two network control point 
devices to achieve high availability in the case of a failed interface or network 
control point device. 

27. A secure network as defined in claim 17, wherein each of the plurality 
of anti-bubble partitions is defined by an address range. 
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28. A secure network as defined in claim 27, wherein each of the plurality 
of network devices in each of the plurality of anti-bubble partitions has an 
address contained within the address range. 

29. A secure network as defined in claim 28, wherein each address exists in 
only one of the plurality of anti-bubble partitions. 

30. A secure network as defined in claim 17, wherein data may not be 
transmitted between two network control point devices in different anti-bubble 
partitions of the same anti-bubble. 

31. A secure network as defined in claim 17, wherein the plurality of 
network control points are coupled to one another and form a virtual backbone 
that is external to the first and the second anti-bubbles. 

32. A secure network as defined in claim 3 1, wherein each of the plurality 
of network control points ensure source address integrity across the virtual 
backbone. 

33. A secure network as defined in claim 17, further comprising an inter- 
bubble device configured to connect the first anti-bubble to the second anti- 
bubble and to enforce the network security policy of the first and second anti- 
bubbles. 

34. A secure network configured to carry data, comprising: 

a plurality of anti-bubbles, each anti-bubble having a plurality of 
anti-bubble partitions, each anti-bubble partition having at least one network 
device configured to transmit and receive data, and all of the network devices 
corresponding to at least one of the plurality of anti-bubbles having the same 
network security policy; and 

a plurality of network control points, each network control point 
including one or more network control point devices having at least one 
interface, wherein each anti-bubble partition is connected to only one network 
control point, which is used to provide a connection between any two network 
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devices of different anti-bubbles, and wherein each one of the network control 
point devices is configured to enforce the network security policy of the anti- 
bubble that the network control point device is connected to and wherein when 
data is transmitted from one network device to another network device, two 
network control points are traversed. 

35. A secure network as defined in claim 34, further comprising a plurality 
of inter-bubble devices, each inter-anti-bubble device is configured to connect 
at least two of the plurality of anti-bubbles to one another and to enforce the 
network security policy of each of the plurality of anti-bubbles that it is 
connected to. 

36. A secure network as defined in claim 34, wherein each of the plurality 
of anti-bubble partitions has no network connectivity to any other anti-bubble 
partitions belonging to the same anti-bubble. 

37. A secure network as defined in claim 34, wherein no data can be 
transmitted between two devices in different anti-bubble partitions. 

38. A secure network as defined in claim 34, wherein each of the plurality 
of anti-bubble partitions that belong to the same bubble has the same network 
security policy applied at each of the plurality of network control points that 
are connected to the plurality of anti-bubble partitions. 

39. A secure network as defined in claim 34, wherein the plurality of 
network control points are coupled to one another and form a virtual backbone 
that is external to all of the plurality of anti-bubbles. 

40. A secure network as defined in claim 39, wherein each of the plurality 
of network control points ensure source address integrity across the virtual 
backbone. 

41. A secure network as defined in claim 34, wherein each network device 
connects to only one network control point. 
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42. A secure network as defined in claim 34, wherein each of the plurality 
of anti-bubble partitions is defined by an address range. 

43. A secure network as defined in claim 34, wherein each of the network 
devices in each of the plurality of anti-bubble partitions has an address 

5 contained within the address range. 

44. A secure network as defined in claim 43, wherein each address exists in 
only one of the plurality of anti-bubble partitions. 

45. A secure network as defined in claim 34, wherein data may not be 
transmitted between two network devices in different anti-bubble partitions of 

10 the same anti-bubble. 

46. A secure network as defined in claim 34, wherein each of the plurality 

3 J*l 

; p of network control points ensures source address integrity at the connection 

Ixl 

'(fi between any two network devices of the plurality of anti-bubbles. 

*0 • 

47. A secure network as defined in claim 34, wherein each of the plurality 
15 of anti-bubble partitions is connected to at least two network control point 

devices to achieve high availability in the case of a failed interface or network 
control point device. 

48. A secure network configured to carry data, comprising: 
a plurality of anti-bubbles, each anti-bubble having a plurality of 

20 anti-bubble partitions, each anti-bubble partition having at least one network 
device configured to transmit and receive data, and all of the network devices 
corresponding to at least one of the plurality of anti-bubbles have the same 
network security policy; 

a plurality of bubbles, each bubble having a plurality of bubble 
25 partitions, each bubble partition having at least one network device configured 
to transmit and receive data, and all of the network devices corresponding to at 
least one of the plurality of bubbles have the same network security policy; and 
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a plurality of network control points, each network control point 
including one or more network control point devices having at least one 
interface, wherein each anti-bubble partition and each bubble partition is 
connected to one of the plurality of network control points, which are used to 
5 provide a connection between two or more network devices of different anti- 
bubbles and two or more network devices of the plurality of bubbles, and 
wherein each one of the network control point devices is configured to enforce 
the network security policy of the anti-bubble and bubble that the network 
control point device is connected to. 

10 49. A secure network as defined in claim 48, wherein no data can be 
transmitted between two devices in different anti-bubble partitions. 

50. A secure network as defined in claim 48, wherein data can be 
transmitted from a network device in any of the plurality of anti-bubbles to a 
network device in any of the plurality of bubbles via the plurality of network 
15 control points. 


51. A secure network as defined in claim 48, wherein all data transmitted 
between one device in one of the plurality of anti-bubble partitions and one 
device in one of the plurality of bubble partitions traverse one or more network 
control points. 

20 52. A secure network as defined in claim 48, wherein the plurality of 

network control points are coupled to one another and form a virtual backbone 
that is external to all of the plurality of anti-bubbles and bubbles. 

53. A secure network as defined in claim 52, wherein each of the plurality 
of network control points ensure source address integrity across the virtual 

25 backbone. 

54. A secure network as defined in claim 48, wherein each of the plurality 
of anti-bubble partitions and bubble partitions is defined by an address range. 
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55. A secure network as defined in claim 54, wherein each of the network 
devices in each of the plurality of anti-bubble partitions and each of the 
plurality of bubble partitions has an address contained within the address range. 

56. A secure network as defined in claim 55, wherein each address exists in 
only one of the plurality of anti-bubble partitions or only one of the plurality of 
bubble partitions. 
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